
How to prevent base64 attacks?

At one of our sites I found bad code at the top of the index.php and main.php files of nearly all scripts (calendars, gallery scripts, file uploading forms, etc.).
I have posted this bad code below; it was redirecting especially mobile viewers to a porn site.
I cleaned this code from about 25 files, but I am in doubt whether it will come back again or not.

Most of our scripts seem to be updated to the latest versions. What can I do for better security? We don't want this to happen again.
What can you offer, and what is the reason for that hacking? Please give me info.

I decoded the bad code with an online decoding source. It is as follows:
Maybe it helps for answering my questions above better.
I wonder if there may be any other file on the server that puts this bad code into our PHP files. If yes, how can I find it?
The site is a big site.
Thanks

The fact that it's base64-encoded PHP code has nothing to do with how it got onto your site; that's just the payload the attacker left once they found a way in. They may have hacked your site login or FTP password (so it's probably time to change all passwords to longer, more difficult to hack passwords, and make sure all access to the site's control panel and FTP (or really SFTP) is via SSL). If you're on a shared hosting plan, it may have come through another hacked account on that same host, or even someone who registered an account there so they could access other accounts' directories on a poorly configured host (so you might want to consider upgrading to a VPS plan, or even moving to a different host). There may be a security hole in one of your site's pages that allowed them to drop in a script to modify your PHP files (and then perhaps delete itself), which might require a detailed security analysis to find (and make sure all your 3rd-party apps have the latest security patches!).
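
For the question of how to find other affected files on a large site, here is an added example (not code from the thread or its posters) that walks a web root and flags PHP files whose first bytes contain a decode-and-execute call or a long base64-like run. The patterns, the 4096-byte window and the sample files are assumptions built for illustration, since the thread does not show the payload.

```python
import re
import tempfile
from pathlib import Path

# Heuristics (assumptions; the thread does not show the payload itself):
# a decode-and-execute call, or a long base64-like run, near the top of a file.
DECODE_EXEC = re.compile(
    rb"(eval|assert|create_function)\s*\(\s*"
    rb"(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)
LONG_B64 = re.compile(rb"[A-Za-z0-9+/]{200,}={0,2}")
HEAD_BYTES = 4096  # the injected code sat at the top of each file
PHP_EXT = (".php", ".phtml", ".inc")

def inspect(path):
    """Return the reasons (possibly none) a file looks tampered with."""
    with open(path, "rb") as fh:
        head = fh.read(HEAD_BYTES)
    checks = (("decode-and-execute call", DECODE_EXEC),
              ("long base64-like string", LONG_B64))
    return [label for label, rx in checks if rx.search(head)]

def scan(webroot):
    """Walk webroot; return {relative path: reasons} for suspicious files."""
    hits = {}
    for path in Path(webroot).rglob("*"):
        if path.is_file() and path.suffix.lower() in PHP_EXT and (why := inspect(path)):
            hits[path.relative_to(webroot).as_posix()] = why
    return hits

def demo():
    """Scan a small constructed tree (harmless sample content)."""
    blob = "QUJD" * 60  # constructed: base64 of "ABC" repeated
    samples = {
        "index.php": f"<?php eval(base64_decode('{blob}')); ?><?php echo 1;",
        "main.php": "<?php echo 'clean page'; ?>",
        "gallery/index.php": f"<?php EVAL ( gzinflate(base64_decode('{blob}')));",
        "uploads/logo.png": blob,  # non-PHP extension: skipped by this scan
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            full = Path(root, rel)
            full.parent.mkdir(parents=True, exist_ok=True)
            full.write_text(body)
        return scan(root)

if __name__ == "__main__":
    for path, why in sorted(demo().items()):
        print(path, "->", ", ".join(why))
```

Point `scan()` at the real web root instead of calling `demo()`; each hit is a candidate for manual review, because legitimate code occasionally uses these functions too.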

Hey weed, thanks for the links. I've not seen this site before and it shall give me some reading to do.

Sadly, nobody codes for anyone on this forum. People taste your dishes and tell you what is missing, but they don't cook for you. ~anoopmail
I'd rather be a comma, then a full stop.